rsync 2.6.0: possible sanitization bug?
Wayne Davison
wayned at samba.org
Fri Jan 30 16:22:36 GMT 2004
On Fri, Jan 30, 2004 at 11:52:17AM +0000, Adam Sampson wrote:
> Since sanitize_path modifies its first argument in place, the path
> that open() gets there hasn't been sanitized
Ouch! I've just checked in a fix. I didn't free the strdup() memory
because I wanted to leave the value sanitized, just in case the code
needs to know the actual value that was opened (in some future change).
Thanks for the report!
..wayne..
-------------- next part --------------
--- options.c 27 Jan 2004 23:13:12 -0000 1.128
+++ options.c 30 Jan 2004 16:13:40 -0000
@@ -686,8 +686,10 @@ int parse_arguments(int *argc, const cha
}
} else {
extern int sanitize_paths;
- if (sanitize_paths)
- sanitize_path(strdup(files_from), NULL);
+ if (sanitize_paths) {
+ files_from = strdup(files_from);
+ sanitize_path(files_from, NULL);
+ }
filesfrom_fd = open(files_from, O_RDONLY|O_BINARY);
if (filesfrom_fd < 0) {
rsyserr(FERROR, errno,
More information about the rsync
mailing list